An organization
VDC network with a routed connection provides controlled access to machines and
networks outside of the organization VDC.
System
administrators and organization administrators can configure network address
translation (NAT) and firewall settings on the network's Edge Gateway to make
specific virtual machines in the VDC accessible from an external network.

Prerequisites

■

This operation requires
the rights included in the predefined Organization Administrator role or an
equivalent set of rights.

Procedure

1

Retrieve the list of
Edge Gateways in the organization VDC in which you plan to create the routed
network.

You can use a query
like this one, where
href
is the value of the
href attribute of your organization VDC:

If this organization VDC does not contain any Edge Gateways, or
does not contain an Edge Gateway that has the configuration you want, a system
administrator can create a new Edge Gateway. See
Create an Edge Gateway.

2

Choose an Edge Gateway
that has interface capacity available.

An Edge Gateway can
support a maximum of nine internal and external interfaces. At least one of
those interfaces is typically consumed by a connection to an external network.
Creation of a routed organization VDC network requires the Edge Gateway to have
an unused interface available for the new network. To see how many interfaces
each Edge Gateway in your organization VDC is using, you can run the query
shown in
Step 1,
then add the values of the
numberOfExtNetworks and
numberOfOrgNetworks
attributes. If the total is less than 9, the Edge Gateway can accommodate a new
routed organization VDC network.

3

Create an
OrgVdcNetwork element.

a

Specify a value of
natRouted in the
FenceMode element of
the network
Configuration.

You can specify
additional
Configuration
parameters, as noted in the schema reference.

b

Specify the
href of the Edge
Gateway you chose in
Step 2
in the
EdgeGateway element.

The server takes the requested
action and returns an XML representation of the partially-created object. This
representation includes an
href attribute, properties specified in the creation
request, and an embedded
Task
element that tracks the creation of the object. When the task completes, the
object has been created, and you can use the value of the
href attribute with a GET request to retrieve the XML
representation of the object.

This example adds a
routed network to the organization VDC created in
Add a VDC to an Organization.
The network connects through the Edge Gateway created in
Create an Edge Gateway.
Because the creation request sets the value of the
IsShared element to
true, the new network is made available in all VDCs in
this organization.

When the
Task
completes, the new network is represented in the
EdgeGateway by a
GatewayInterface whose
InterfaceType is
Internal. Unlike the
Uplink interface that you create when you create an
EdgeGateway, an
internal interface cannot be created explicitly. It is created only as a
side-effect of creating a routed organization VDC network.